package com.shopmall.controller;

import com.shopmall.pojo.Admin;
import com.shopmall.pojo.AdminRecord;
import com.shopmall.service.AdminRecordServiceImpl;
import com.shopmall.service.AdminServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.*;


import javax.servlet.http.HttpSession;
import java.sql.Timestamp;
import java.util.List;

@Controller
public class AdminController {

    @Autowired
    private AdminServiceImpl adminService;

    @Autowired
    private AdminRecordServiceImpl adminRecordService;


    /*

    @RequestMapping("/a")
    @ResponseBody
    public String index(){
        return "你好";
    }

    //获取数据库中的admin 表
    @GetMapping("/queryAdminList")
    public List<Admin> queryAdminList(Model model){
        List<Admin> adminList = adminService.queryAdminList();
        model.addAttribute("admins",adminList);
        return adminList;
    }




    //根据 id 查找
    @GetMapping("/queryAdminById/{id}")
    @ResponseBody
    public Admin queryAdminById(@PathVariable("id") int id){  //@RequestParam() 与 @PathVariable("id") 有什么区别？
        return adminService.queryAdminById(id);
    }

    //添加一个
    @GetMapping("/addAdmin0")
    @ResponseBody
    public String addAdmin0(){
        Timestamp date = new Timestamp(System.currentTimeMillis());
        //Date date = new Date(System.currentTimeMillis());
        Admin admin = new Admin(0,"www","55555",1,1,"小王",null,null,null,date,date);
        adminService.addAdmin(admin);
        return "添加用户"+admin.getAdmin_id();
    }

    //修改一个
    @GetMapping("/updateAdmin")
    @ResponseBody
    public String updateAdmin(){
        Timestamp date = new Timestamp(System.currentTimeMillis());
        Admin admin = new Admin(101,"nnn","11111",1,1,"笑笑",null,null,null,date,date);
        adminService.updateAdmin(admin);
        return "修改用户"+admin.getAdmin_id();
    }

    //删除一个
    @GetMapping("/deleteAdmin/{id}")
    @ResponseBody
    public String deleteAdmin(@PathVariable("id") int id){
        adminService.deleteAdmin(id);
        return "删除用户"+id;
    }
    */


    ////////从这里开始，是真正的跳转页面功能代码段

    @RequestMapping("/admin/admin_sys")
    public String queryAdminSysList(Model model,HttpSession session) {
        Admin account = (Admin) session.getAttribute("admin");
        if(account.getRole()!=0) {
            model.addAttribute("msg","权限不足！");
            return "/home";
        }
        else {
            List<Admin> adminList = adminService.queryAdminSysList();
            model.addAttribute("admin_s", adminList);
            return "admin/admin_sys";
        }
    }


    @RequestMapping("/admin/admin_mall")
    public String queryAdminMallList(Model model,HttpSession session) {
        Admin account = (Admin) session.getAttribute("admin");
        if(account.getRole()==0 || account.getRole()==1) {
            List<Admin> adminList = adminService.queryAdminMallList();
            model.addAttribute("admin_m", adminList);
            return "admin/admin_mall";
        }
        else {
            model.addAttribute("msg","权限不足！");
            return "/home";
        }
    }

    @RequestMapping("/admin/self_show")
    public String self_show(Model model, HttpSession session) {
        Admin admin = (Admin) session.getAttribute("admin");
        int id = admin.getAdmin_id();
        Admin self = adminService.queryAdminById(id);
        model.addAttribute("self", self);
        return "self/self_show";
    }

    @RequestMapping("/admin/add_admin")
    public String add_admin(Model model,HttpSession session) {
        Admin account = (Admin) session.getAttribute("admin");
        if(account.getRole()==0 || account.getRole()==1) {
            return "admin/add_admin";
        }
        else {
            model.addAttribute("msg","权限不足！");
            return "/home";
        }
    }


    @RequestMapping("/admin/add_admin_do")
    public String add_admin_do(Admin admin, Model model, HttpSession session) {
        Admin account = (Admin) session.getAttribute("admin");
        if(account.getRole()==0 || account.getRole()==1) {
            Timestamp date = new Timestamp(System.currentTimeMillis());
            AdminRecord record = new AdminRecord();
            record.setDo_who(account.getUsername());
            record.setDo_time(date);
            int state = account.getState();
            String string1;
            if (state == 0) {
                string1 = "超级管理员";
            } else if (state == 1) {
                string1 = "系统管理员";
            } else {
                string1 = "商品管理员";
            }
            record.setDo_role(string1);
            record.setDone_who(admin.getUsername());
            record.setDo_what("添加管理员");
            /////////////以上是记录信息设置

            Admin admin2 = adminService.queryAdminByUsername(admin.getUsername());
            if (admin2 != null) {
                model.addAttribute("msg", "已有相同账号的管理员，添加失败！");
                return "home";
            } else {

                admin.setAdd_date(date);
                admin.setUpdate_date(date);
                admin.setState(1);
                adminService.addAdmin(admin);
                if (admin.getRole() == 1) {      //////权限设置，只有超级管理员才能管理系统管理员，普通管理员只能管理商品管理员及以下
                    record.setDone_role("系统管理员");
                    adminRecordService.addRecord(record);
                    model.addAttribute("msg", "添加系统管理员成功！");
                    return "redirect:/home";

                } else if (admin.getRole() == 2) {
                    record.setDone_role("商品管理员");
                    adminRecordService.addRecord(record);
                    model.addAttribute("msg", "添加商品管理员成功！");
                    return "redirect:/home";  //redirect: 可以跳到 controller 的 mapping() 重定向地址

                } else {
                    model.addAttribute("msg", "发生错误，添加失败！");
                    return "home";     //普通的return 就只能跳转到 视图/template页了
                }
            }
        }
        else {
            model.addAttribute("msg","权限不足！");
            return "/home";
        }
    }


    @GetMapping("/admin/modify_admin/{id}")
    public String modify_admin(@PathVariable("id") int id,Model model,HttpSession session){
        Admin account = (Admin) session.getAttribute("admin");
        if(account.getRole()!=0) {
            model.addAttribute("msg","权限不足！");
            return "/home";
        }
        else {
            Admin admin = adminService.queryAdminById(id);
            model.addAttribute("admin", admin);
            return "admin/modify_admin";
        }
    }

    @RequestMapping("/admin/modify_admin_do/{id}")
    public String modify_admin_do(@PathVariable("id") int id,Admin admin,Model model,HttpSession session){
        Admin account = (Admin) session.getAttribute("admin");
        if(account.getRole()!=0) {
            model.addAttribute("msg","权限不足！");
            return "/home";
        }

        else {
            Timestamp date = new Timestamp(System.currentTimeMillis());
            AdminRecord record = new AdminRecord();
            record.setDo_who(account.getUsername());
            record.setDo_time(date);
            int state = account.getState();
            String string1;
            if (state == 0) {
                string1 = "超级管理员";
            } else if (state == 1) {
                string1 = "系统管理员";
            } else {
                string1 = "商品管理员";
            }
            record.setDo_role(string1);
            record.setDone_who(admin.getUsername());
            record.setDone_role("管理员");
            record.setDo_what("修改管理员信息");
            //以上是记录信息设置


            admin.setAdmin_id(id);
            admin.setUpdate_date(date);
            adminService.updateAdmin(admin);
            adminRecordService.addRecord(record);
            model.addAttribute("msg", "成功修改管理员 编号:" + admin.getAdmin_id() + " 账号:" + admin.getUsername() + " 的信息！");
            return "/home";
        }
    }

    //////特别注意，表单中的id并不可以修改，所以就不需要填写，
    // 但是，thymeleaf页面是根据form表单内的参数名，将其绑定到pojo实体类对象里的。
    // 所以如果通过网页传id后，在执行sql函数前，要将主码set给对象，
    // 或者直接在表单中以type="hidden"形式传递！！！

    @GetMapping("/admin/delete_admin/{id}")
    public String delete_admin(@PathVariable("id") int id,Model model,HttpSession session) {
        Admin account = (Admin) session.getAttribute("admin");
        if (account.getRole() != 0) {
            model.addAttribute("msg", "权限不足！");
            return "/home";
        } else {
            Timestamp date = new Timestamp(System.currentTimeMillis());
            AdminRecord record = new AdminRecord();
            record.setDo_who(account.getUsername());
            record.setDo_time(date);
            int state = account.getState();
            String string1;
            if (state == 0) {
                string1 = "超级管理员";
            } else if (state == 1) {
                string1 = "系统管理员";
            } else {
                string1 = "商品管理员";
            }
            record.setDo_role(string1);
            record.setDone_who("" + id);
            record.setDone_role("管理员");
            record.setDo_what("删除管理员");
            //以上是记录信息设置

            adminService.deleteAdmin(id);
            adminRecordService.addRecord(record);
            model.addAttribute("msg", "成功删除编号为 " + id + " 的管理员！");
            return "home";
        }
    }
}
